WireGuard, routing only specific LAN hosts to vpn tunnel

2023-09-02 14:15:21
Tags: #VPN #Routing #WireGuard
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.1.2 Build 20230313 Rel.41632

Hello

The following WireGuard setup is running smoothly on my TP-Link ER605.

[192.168.1.0/24] -> [192.168.1.1] -> [WireGuard Interface/Peer] => [==VPN Tunnel==] => [Internet].

All traffic from my local network is routed through the tunnel.

My aim: I want only traffic from specific LAN hosts to be routed through the tunnel.

[192.168.1.2, 192.168.1.3, 192.168.1.4] -> [192.168.1.1] -> [WireGuard Interface/Peer] => [==VPN Tunnel==] => [Internet].

[192.168.1.5, 192.168.1.6, 192.168.1.7] -> [192.168.1.1] -> [WAN].

I already tried defining [IP Group, IP Address] and using this with policy-based routing, but the whole subnet is still routed through the tunnel.

How can I achieve this?

Thanks.
 

 

 

 

Re: WireGuard, routing only specific LAN hosts to vpn tunnel
2023-09-04 06:17:56

Hi @nocontrol 

Thanks for posting in our business forum.

You should specify what's been put in Allow IPs instead of setting up something else.

How to Configure WireGuard VPN on Omada Controller

Re: WireGuard, routing only specific LAN hosts to vpn tunnel
2023-09-04 18:57:26
The problem with doing something like that with Allowed IPs is that it only identifies networks that are available via the tunnel universally, so all of the allowed IP ranges/subnets will route via the tunnel. What the OP is looking for, it seems, is a way to tell certain IP addresses or ranges to route via the WireGuard tunnel and others to ignore the tunnel. This is not something that is possible via the Allowed IP option.
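The distinction drawn in the reply above (Allowed IPs selects by destination, while the original request is to select by source host) is what source-based policy routing provides on a generic Linux gateway. The script below is an added example, not part of the thread and not ER605 or Omada configuration; the interface name `wg0`, table `100`, priority `1000` and the use of wg-quick's `Table = off` are assumptions. It only prints the iproute2 commands for review, and includes a fail-closed route so the selected hosts do not silently fall back to the WAN if the tunnel drops.

```sh
#!/bin/sh
# Added example for a generic Linux gateway; not ER605/Omada configuration.
# Assumed names: wg0, table 100, priority 1000. Assumes wg-quick "Table = off"
# so AllowedIPs = 0.0.0.0/0 does not install a default route for every host.
WG_IF="${WG_IF:-wg0}"
VPN_TABLE="${VPN_TABLE:-100}"
RULE_PRIO="${RULE_PRIO:-1000}"

# Accept only a dotted-quad IPv4 host address (no CIDR, no names).
is_ipv4() {
  case $1 in
    ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
  done
}

# Print the iproute2 commands that send only the listed source hosts
# through the tunnel; every other host keeps using the main table (WAN).
emit_vpn_rules() {
  for host in "$@"; do
    is_ipv4 "$host" || { echo "invalid host: $host" >&2; return 1; }
  done
  echo "ip route replace default dev $WG_IF table $VPN_TABLE"
  # Fail closed: if the tunnel goes down its route vanishes and this one
  # rejects the traffic instead of letting it fall through to the WAN default.
  echo "ip route replace prohibit default table $VPN_TABLE metric 65535"
  for host in "$@"; do
    echo "ip rule add from $host/32 lookup $VPN_TABLE priority $RULE_PRIO"
  done
}

# Dry run by default: review the output, then pipe it to "sh" as root.
if [ $# -gt 0 ]; then
  emit_vpn_rules "$@"
fi
```

Called with `192.168.1.2 192.168.1.3 192.168.1.4`, it emits one `ip rule` per host; hosts that are not listed match no rule and keep using the main table.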
Re: WireGuard, routing only specific LAN hosts to vpn tunnel
2023-09-07 06:18:00
I think you want to achieve something similar to me. https://community.tp-link.com/en/business/forum/topic/621148 See Solution
Re: WireGuard, routing only specific LAN hosts to vpn tunnel
2023-09-07 10:18:13

@bsz Thanks for the link.

Yes, it seems to be a comparable requirement.

Just to mention: all clients of the subnet should reach the internet, just a bunch of them through the tunnel and the rest over the ordinary WAN routing.

Glad to hear that TP-Link will implement a possible solution.
